Example of using an HTML Sanitizer blacklist.

Go to solution
Community Alums
Not applicable

‎09-12-2014 11:31 AM

I'm working in a test instance of Eureka and I would like to test out the HTML Sanitizer blacklist as shown here in the wiki.

 

I want to setup a simple blacklist that prohibits using image tags that reference a .jpg file in the src property.   So far it doesn't work when I view a sample Knowledgebase entry I've made that uses an image tag with a .jpg source.   The image appears every time.   What am I doing wrong?

The system property for HTML Santizer is on, and the HTMLSanitizerConfig script include looks like this:

 

var HTMLSanitizerConfig = Class.create();
HTMLSanitizerConfig.prototype = {
initialize: function() {
},

HTML_WHITELIST : {
  /*globalAttributes: {
    attribute:[],
    attributeValuePattern:{}
  },*/
},

HTML_BLACKLIST : {
  globalAttributes: {},
  img: {
                      attribute:["src"],
                      attributeValuePattern:{src:".*jpg"}
              },

},

getWhiteList : function() {
  return this.HTML_WHITELIST;
},

getBlackList : function() {
  return this.HTML_BLACKLIST;
},

type: 'HTMLSanitizerConfig'
}

0 Helpfuls
  • 3,392 Views
1 ACCEPTED SOLUTION

Go to solution
Community Alums
Not applicable

‎10-20-2014 01:46 PM

Thanks to the assistance of HI, I got help to figure out how I configured this example wrong.   What I needed to use was:



var HTMLSanitizerConfig = Class.create();


HTMLSanitizerConfig.prototype = {


initialize: function() {


},



HTML_WHITELIST : {


  globalAttributes: {


    attribute:[],


    attributeValuePattern:{}


  },


},



HTML_BLACKLIST : {


  globalAttributes: {},


  img: {


                      attribute:[],


                      attributeValuePattern:{src:".*jp(e)?gx"}


              },


},



getWhiteList : function() {


  return this.HTML_WHITELIST;


},



getBlackList : function() {


  return this.HTML_BLACKLIST;


},



type: 'HTMLSanitizerConfig'


}


View solution in original post

1 REPLY 1

Go to solution
Community Alums
Not applicable

‎10-20-2014 01:46 PM

Thanks to the assistance of HI, I got help to figure out how I configured this example wrong.   What I needed to use was:



var HTMLSanitizerConfig = Class.create();


HTMLSanitizerConfig.prototype = {


initialize: function() {


},



HTML_WHITELIST : {


  globalAttributes: {


    attribute:[],


    attributeValuePattern:{}


  },


},



HTML_BLACKLIST : {


  globalAttributes: {},


  img: {


                      attribute:[],


                      attributeValuePattern:{src:".*jp(e)?gx"}


              },


},



getWhiteList : function() {


  return this.HTML_WHITELIST;


},



getBlackList : function() {


  return this.HTML_BLACKLIST;


},



type: 'HTMLSanitizerConfig'


}